Monday, September 7, 2009

Firefox to check for vulnerable Flash

Adobe has had a whole bunch of vulnerabilities lately. Compounding this is that they do not have a good update mechanism; Firefox will check regularly to see if there is a critical security update, and will ask you if it can update itself.

Flash is what makes Youtube work, so it's kind of all over the place - including here.

The folks at Firefox have just announced that they're putting a check into Firefox 3.5.3, and will at least tell you that your Flash is outdated.
The upcoming Firefox 3.5.3 and Firefox 3.0.14 releases, currently in beta, will check the version of Adobe Flash plug-in installed in the browser and warn the user if that plug-in is out of date. Johnathan Nightingale, "Human Shield" (Security Lead) at Mozilla confirmed the new security feature to The H and said that the Flash version check was part of a wider commitment to "protect users from emerging threats online".
Well done, team Firefox.

Actually, it's not quite correct to say that Adobe doesn't have an update mechanism. They do, but it's mostly hidden, and the default settings leave quite a lot to be desired. There is a page at Adobe.com that lets you configure how frequently it checks for security updates. It only lets you set it to one check ever 7 days, but that's a start.

1 comment:

Anonymous said...

Bit of a slap in the Adobe's face, no? Don't get me wrong, they deserve it. Considering how porous Flash players seem to be, anything that improves the situation is a good thing. Maybe they'll get their act together now.

Jim